Nmap is a discovery tool used in security circles but very useful for network administrators or sysadmins. One can get information about operating systems, open ports, running apps with quite good accuracy. It can even be used in substitution to vulnerability scanners such as Nessus or OpenVAS for not very large environments, or quick audits. […]
Nmap cheatsheet
FreeBSD particularities
As some others unix-like operating systems FreeBSD has some particularities aside to the UNIX heritage, licensing and the like. The init system is the way a system starts up and the BSD has always been different. If you happen to be a UNIX admin I am sure you are aware of this and the folks […]
ARP spoofing attacks
ARP spoofing attacks are quite harming and they can easily constitute a man-in-the-middle (MITM) attack. They consist on the attacker sending ARP packets into the network the victim is located, typically redirecting traffic to the attacker’s machine. Once this is achieved the attacker can sniff all the traffic sent by the victim’s device and obtain […]
How to install sudo in FreeBSD
Sudo is a very useful application. It allows a regular user to perform tasks only reserved to the root account. There is lots of documentation about sudo and there is even a book about it called “Sudo Mastery”. If you need to investigate deep on this, buy it. Why do you need this? Well… Everyone […]
How to test pfSense on VirtualBox running on FreeBSD
There are other guides on how to do this on Windows, Mac, but not on FreeBSD, so here goes a how to pfSense on Virtualbox running on FreeBSD. Before going to it, let’s address the first question, which is what is pfSense. pfSense is a FreeBSD based distribution made for networking purposes. The company behind […]
How to work with Nessus scan results
Working with Nessus scan results is easy. How do I know that? Because I’ve worked with this tool for some time and although I do not know every corner of the things I’ve been doing some scans and solving quite a few deffects on systems that were labeled as ‘production ready’ when they clearly weren’t. […]
How to configure Modsecurity 3 for WordPress on FreeBSD
A few weeks ago I wrote a guide on how to install Modsecurity 3 on Apache HTTP for the FreeBSD operating system. However there’s a catch with that setting and with Modsecurity in general. As good as it is as a WAF you need to at least adjust its configuration to the tool one pretends […]
How to configure Apache HTTP with a TLS reverse proxy backend on FreeBSD
A few weeks ago I published a how to guide to configure Apache HTTP as a reverse proxy. On that ocasion I was following what the average guide on the internet does on Linux. A front end server with Apache HTTP on calls a backend server where the real site is sitting. Many backend calls […]
How to test SSL/TLS configurations
If you are in charge of any site with SSL/TLS conenctions enabled you are always in the chase to get the best possible and most secure configuration. This isn’t always the case and the lack of time does take its toll on many administrators. Those individuals are always asked to do more with less and […]
How to find vulnerabilities in your WordPress with WPScan
Vulnerability scanners are useful tools for administrators and security analysts alike. For the casual WordPress user tools like WPScan may look excessive and complicated for their knowledge, they just need their blog, web page, whatever they’re doing up and running. Any complex administration bothers them to the max, and there are good and valid reasons […]